You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Kevin Risden (Jira)" <ji...@apache.org> on 2019/11/09 18:56:00 UTC

[jira] [Comment Edited] (KNOX-2098) OWASP Add Nov 2019 suppressions for false positives

    [ https://issues.apache.org/jira/browse/KNOX-2098?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16970839#comment-16970839 ] 

Kevin Risden edited comment on KNOX-2098 at 11/9/19 6:55 PM:
-------------------------------------------------------------

{code:java}
mvn -DskipTests=true -Dcheckstyle.skip=true -Dspotbugs.skip=true -Dmdep.skip=true -Djacoco.skip=true -Powasp package org.owasp:dependency-check-maven:5.2.2:aggregate
{code}

Then the dependency check report will be in the top level target directory. 


was (Author: risdenk):

{code:java}
mvn install -DskipTests
mvn -Powasp verify
{code}

Then the dependency check report will be in the top level target directory. 

> OWASP Add Nov 2019 suppressions for false positives
> ---------------------------------------------------
>
>                 Key: KNOX-2098
>                 URL: https://issues.apache.org/jira/browse/KNOX-2098
>             Project: Apache Knox
>          Issue Type: Task
>          Components: Build
>            Reporter: Kevin Risden
>            Assignee: Kevin Risden
>            Priority: Major
>             Fix For: 1.4.0
>
>
> KNOX-1660 did this about a year ago. Would be good to add new suppressions since there are a few false positives in the owasp report.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)